Skip to Content

Ever wondered how to control access to the various services in an Enterprise SOA without having your users keep long lists of passwords that they must remember for daily tasks? What are best practices in the industry to design a flexible and secure solution? And how does your architecture still prove to be a solid approach in a heterogeneous landscapes where consumers (e.g. a composite application) may have to call several services on different platforms within the organization and across its boundaries?

If you are planning or implementing an Enterprise SOA, I’m sure that you have been asked these types of questions many times. Session SIM207 (“Towards Interoperable SSO for Web Services”) at SAP TechEd in Las Vegas and Berlin will provide you with the answers. Administrators, architects or developers will learn how to solve the Single Sign-On (SSO) issue in heterogeneous landscapes based on industry-wide accepted standards supported by SAP NetWeaver and other platforms.

My colleague Stefanie Garcia-Laule and I invite you to take a 2-hours journey into the world of Enterprise SOA and Single Sign-On (SSO) that will cover the following topics:

  • Standards-based SSO for Web Services
  • New features for Web Services SSO in SAP NetWeaver
  • Enterprise SOA SSO in practice

SIM207 Demo Scenario


Figure 1: Heterogeneous ESOA security scenario demonstrated at TechEd 08 SIM207

We’ll start our session with an introduction of the fundamental concepts and technologies, but our main objective is to give you an early and practical insight into the upcoming features in SAP NetWeaver and how to use them for Web Services SSO in a real-world ESOA scenario. In an online demo (see figure 1 above), we’ll show how to build a service-based solution in a heterogeneous environment, including Microsoft .NET 3.0 and Excel serving as the frontend on the consumer side and an ABAP-based Web Service provider running on the SAP NetWeaver Application Server, requiring strong authentication from any service consumer. To deliver on the promise of Single Sign On in this scenario, the user will only have to authenticate once at the initial Windows desktop log on, and the security session will be obtained across system and domain boundaries based on the SAML Token Profile standard that provides interoperability between both platforms.

Get ready for this practical, hands-on advice on industry-driven, interoperable design for secure heterogeneous ESOA landscapes and hope to see you at SAP TechEd in Las Vegas or Berlin!

Please click here to download the complete source code archive of the demo scenario.

To report this post you need to login first.


You must be Logged on to comment or reply to a post.

  1. Former Member
    Dear Sirs, with reference to the attached code, I need to know the password for the certificate SAMLSTS.p12, so I may install on computer.

    Thanks in advance

  2. Former Member
    Hi Martin,

    First I want to thank you for your previous answer.

    About the certificates I still have a doubt:

    SAMLSTS & SAMLConsumer referencing “Trusted CA”, i found the relative certificate -> works fine
    WSS ABAP referencing “WS Security Test CA”, I could not find the certificate.
    where can I find it?

    Thanks in advance
    Maurizio Rocca

  3. Former Member
    Hi Martin,

    I imported your new certificate, same result.
    By opening the certificate, I get these infos (identical to wss abap.cer)

    General tab:
    > Insufficient information to verify the certificate
    certification path tab, certificate state:
    > Could not find the issuer of the certificate

    Best regards
    Maurizio Rocca


Leave a Reply